<?php

session_start();

if (isset($_SESSION['error'])) {  
	switch ($_SESSION['error'])
	{
		//if an attacker trying to spoof us
		case "spoof_form":	
			echo "you are trying to spoof our registration!";
			echo "<br>";
			echo "BAD BOY!";
			echo "<br>";
			echo "<a href='http://localhost/webproject/PHP/index.php'>Go back to home page</a>"; 
			unset($_SESSION['eror']); 
			break;
			
		/*this is for session hijacking
		 	when operative there is a need to send the user to an authentication page
		 	to enter his password again
		 	P.S - how do i check if session hijacking works?				* */
		 
		case "hijacking":
			echo "you tried hijacking the session";
			echo "<br>";
			echo "<a href='http://localhost/webproject/PHP/index.php'>Go back to home page</a>"; 
			unset($_SESSION['eror']);
			break;
			
		case "not_auth":
			echo "You are not authorized to view this page";
			echo "<br>";
			echo "<a href='http://localhost/webproject/PHP/index.php'>Go back to home page</a>"; 
			unset($_SESSION['eror']);
			break;
			
		default:
			echo "Something went wrong!!! RUN FOR YOUR LIFE!!!!";
			echo "<br>";
			echo "<a href='http://localhost/webproject/PHP/index.php'>Go back to home page</a>"; 
			unset($_SESSION['eror']);
			break;
	}
}
else
{
	echo "You are not autohirzed";
	echo "<br>";
	echo "<a href='http://localhost/webproject/PHP/index.php'>Go back to home page</a>"; 
	echo "<br>";
}
	


?>